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AMENDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1 . (Currently Amended) In a computerized network environment including two or more 
computer systems sending messages through a network communication protocol, a method of 
receiving secure messages using custom security tokens, the method comprising: 

an act of identifying one or more security tokens in a received message that has been 
encrypted, and a value type corresponding with each identified security token, 
wherein th e on e or mor e s e curity tok e ns ar e r e pr e s e nted in th e messag e by a 
markup languag e id e ntifier, and wh e r e in th e at l e ast on e id e ntifi e d security tok e n 
is id e ntifi e d by th e markup languag e id e ntifi e r ; 

an act of matching the identified corresponding value type to a stored value type for a 
stored security token that the receiving computer system can access , wherein the 
stored value type comprises a collection of executable instructions for data 
handling ; 

an act of receiving data from the at least one identified security token into the stored 
value type that has been matched, wherein the raw data includes on e or more of 
id e ntification information, and a custom propert y, wherein the custom property 
defines one or more of time of day, geographic location, limitations on message 
access, or limitations on device access ; and 

an act of decrypting an encrypted portion of the received message and accessing the 
received message based at least in part on the raw dat a, including the custom 
property, received from the at least one identified security token. 

2. (Original) The method as recited in claim 1, wherein the received message includes 
one or more digital signatures, the method further comprising an act of authenticating at least one 
of the one or more digital signatures. 
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3. (Original) The method as recited in claim 1, further comprising an act of receiving a 
message from a sending computer system, the message including an encrypted portion and one 
or more security tokens. 

4. (Cancelled) 

5. (Original) The method as recited in claim 1, wherein the at least one identified 
security token is a binary security token. 

6. (Previously Presented) The method as recited in claim 1, wherein the identified 
corresponding value type is a custom value type created by the sending computer system or the 
receiving computer system, and that the receiving and sending computer system can access. 

7. (Original) The method as recited in claim 1, further comprising an act of updating one 
or more properties of the stored security token that is accessible by the receiving computer 
system with one or more of the identification information and the custom property. 

8. (Original) The method as recited in claim 7, further comprising an act of creating a 
security key when updating the one or more properties of the stored security token. 

9. (Original) The method as recited in claim 1, wherein the identified at least one 
security token is serialized in the received message based on a private key that is shared between 
the sending and receiving computer system. 

10. (Original) The method as recited in claim 9, wherein the private key is accessed from 
a key provider that both the sending and the receiving computer systems can access. 

1 1 . (Original) The method as recited in claim 1, wherein the one or more security tokens 
are found in a security header portion of the message. 
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12. (Original) The method as recited in claim 11, wherein, prior to receiving the 
message, the at least one identified token is serialized into the security header portion of the 
message by transforming the at least one identified security token into base 64 encoded data. 

13. (Original) The method as recited in claim 12, wherein deserializing comprises an act 
of converting data from the identified at least one token from base 64 encoding to a byte array. 
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14. (Currently Amended) In a computerized network environment including two or more 
computer systems sending messages through a network communication protocol, a method of 
receiving secure messages using custom security tokens, the method comprising: 

an act of at a receiving computer system identifying one or more security tokens in a 
received message^ from a sending computer system, that has been encrypted, and 
a value type corresponding with each identified security toke n, wherein the 
identified value type is a custom program class that only the receiving computer 
system and the sending computer system can access ; 

an act of matching the identified corresponding value type to a stored value type for a 
stored security token that the receiving computer system can access; and 

an act of receiving data from the at least one identified security token into the stored 
value type that has been matched, wherein the raw data includes one or more of 
identification information, and a custom property; and 

an act of decrypting an encrypted portion of the received message based at least in part on 
the raw data received from the at least one identified security tokenj-and 

wh e r e in, prior to r e c e iving the m e ssag e , the at l e ast one identifi e d token is serializ e d into 
the s e curity h e ader portion of th e message by transforming th e at l e ast on e 
identifi e d s e curity token into base 6 4 e ncod e d data. 



15-16 (Cancelled) 
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17. (Currently Amended) In a computerized network environment including two or more 
computer systems sending messages through a network communication protocol, a method of 
sending secure messages using custom security tokens, the method comprising: 

an act of a sending computer system generating one or more security tokens using one or 
more corresponding value types, each token including token data that includes 
on e or mor e of a custom propert y, wherein the custom property defines one or 
more of time of day, geographic location, limitations on message access, or 
limitations on device access , a signatur e , and an encryption l e v e l ; 

an act of encrypting a portion of a message using at least one of the one or more 
generated security tokens; 

an act of inserting the at least one generated security token in an outbound token 
collectio n, wh e r e in th e act of ins e rting th e at l e ast one generat e d s e curity tok e n in 
an outbound token collection furth e r compris e s: 

an act of id e ntifying a markup languag e r e pr e s e ntation of the at l e ast one 
gen e rat e d security tok e n, and 

an act of placing th e markup languag e repres e ntation of th e at l e ast on e 
g e nerat e d security tok e n in th e outbound tok e n coll e ction. ; and 

an act of converting the token data for the outbound token collection using a private key 
that is accessible by the sending computer system and a receiving computer 
system. 

18. (Original) The method as recited in claim 17, further comprising an act of including 
one or more digital signatures in the message, wherein the one or more digital signatures are 
authenticated prior to decrypting the encrypted portion of the message. 

19. (Previously Presented) The method as recited in claim 17, further comprising an act 
of including private key information in the message, such that the receiving computer system can 
access the key from a key provider based on the key information. 



Page 6 of 12 



Application No. 10/645,375 

Amendment "B" dated October 30, 2007 

Reply to Non-Final Office Action mailed July 30, 2007 

20. (Original) The method as recited in claim 17, wherein the act of converting the token 
data comprises serializing the token data into base 64 encoding. 

21. (Original) The method as recited in claim 17, wherein the at least one generated 
security token is a custom security token created using a custom value type, and wherein the 
custom value type is accessible by both the sending and receiving computer systems. 

22. (Original) The method as recited in claim 17, further comprising an act of creating a 
signature or encryption function based on the included one or more of a custom property, a 
signature, and an encryption level in the created binary token. 

23. (Original) The method as recited in claim 17, further comprising an act of including a 
program language value corresponding with each token that is included in the outbound token 
collection. 

24. (Original) The method as recited in claim 23, wherein the program language value is 
a Common Language Runtime value. 

25. (Cancelled) 

26. (Previously Presented) The method as recited in claim 17, further comprising an act 
of assigning the markup language representation of the at least one generated security token a 
global unique identifier. 

27. (Original) The method as recited in claim 26, wherein the outbound token collection 
is a hash table that is keyed by the global unique identifier of the at least one generated security 
token. 

28. (Original) The method as recited in claim 27, wherein the global unique identifier is 
inserted into a signature or encryption portion of the message. 
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29. (Currently Amended) In a computerized network environment including two or more 
computer systems sending messages through a network communication protocol, a method of 
sending secure messages using custom security tokens, the method comprising: 

an act of a sending computer system generating one or more security tokens using one or 
more corresponding value types, each token including token data that includes 
one or more of a custom property, a signature, and an encryption level; 

an act of encrypting a portion of a message using at least one of the one or more 
generated security tokens; 

an act of inserting the at least one generated security token in an outbound token 
collection; and 

an act of converting the token data for the outbound token collection using a private key 
that is only accessible by the sending computer system and a receiving computer 
systemt-and 

an act of including a program language valu e corr e sponding with e ach tok e n that is 
includ e d in th e outbound tok e n coll e ction . 

30-31 (Cancelled) 

32. (Previously Presented) The method as recited in claim 14, wherein deserializing 
comprises an act of converting data from the identified at least one token from base 64 encoding 
to a byte array. 

33. (Previously Presented) The method as recited in claim 29, wherein the program 
language value is a Common Language Runtime value. 
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34. (New) The method as recited in claim 1, wherein the one or more security tokens are 
represented in the message by a markup language identifier, and wherein the at least one 
identified security token is identified by the markup language identifier. 

35. (New) The method as recited in claim 17, wherein the act of inserting the at least one 
generated security token in an outbound token collection further comprises: 

an act of identifying a markup language representation of the at least one generated 
security token, and 

an act of placing the markup language representation of the at least one generated 
security token in the outbound token collection. 
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